Cisco Identity Services Engine (ISE) vs One Identity Safeguard comparison

The compared Cisco and One Identity solutions aren't in the same category. Cisco is ranked #1 in NAC , with an average rating of 8.3, and holds a 27.9% mindshare in the category. One Identity is ranked #4 in PAM , with an average rating of 7.2, and holds a 4.2% mindshare. Additionally, 87% of Cisco users are willing to recommend the solution, compared to 93% of One Identity users who would recommend it.

Cisco Identity Services Eng...

Read 141 Cisco Identity Services Engine (ISE) reviews

17,418 Views
11,415 Comparison Views

87% willing to recommend

One Identity Safeguard

Read 40 One Identity Safeguard reviews

2,991 Views
1,201 Comparison Views

93% willing to recommend

Cisco Identity Services Eng...

One Identity Safeguard

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cisco Identity Services Engine (ISE) and One Identity Safeguard based on real PeerSpot user reviews.

Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC).

To learn more, read our detailed Network Access Control (NAC) Report (Updated: February 2025).

Buyer's Guide

Network Access Control (NAC)

February 2025

Download the complete report

Helped 838,713 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cisco Identity Services Eng...

Average Rating

8.2

Reviews Sentiment

6.6

Number of Reviews

141

Ranking in other categories

Network Access Control (NAC) (1st), Cisco Security Portfolio (1st)

One Identity Safeguard

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

User Entity Behavior Analytics (UEBA) (6th), Privileged Access Management (PAM) (4th)

Mindshare comparison

Cisco Identity Services Engine (ISE) and One Identity Safeguard aren’t in the same category and serve different purposes. Cisco Identity Services Engine (ISE) is designed for Network Access Control (NAC) and holds a mindshare of 27.9%, down 31.8% compared to last year.
One Identity Safeguard, on the other hand, focuses on Privileged Access Management (PAM), holds 4.2% mindshare, down 5.0% since last year.

Network Access Control (NAC)

Privileged Access Management (PAM)

Featured Reviews

SunilkumarNaganuri

Service Line Manager (Service Operations Expert) - Network Access Control at a pharma/biotech company with 10,001+ employees

Enhanced device administration hindered by complex deployment and security limitations

Cisco Identity Services Engine (ISE) needs to improve the profiling preauthentication. They are very poor in asset classification and should focus on improving the preauthentication profiling, especially for NAC use cases. This will give them a roadmap for software-defined access (SDA) use cases and network segmentation. Threat detection capabilities are very weak. Additionally, the product is vulnerable and has many bugs.

Read full review

Tor Nordhagen

Executive Director at Semaphore

Transparent mode for privileged sessions will greatly simplify our client's administrative situation

We're introducing the solution's transparent mode for privileged sessions. This is part of what the client hasn't used before. It will simplify their administrative situation greatly. So far, the rollout of this feature has been a seamless process, but we're still in the midst of rolling it out. The benefits will be on the risk side. Right now, the way accounts are managed, you don't necessarily know who is using an account. There's a shared admin account, and that's not a good thing. And those accounts are shared in wallets by several people. One of the real benefits of safeguarding here is that the client will have an absolute audit of who is using an administrative interface, whether it's server or network.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The first benefit is that we can implement zero trust architecture because of Cisco ISE. I can assure my CISO in my company that my network is such that nobody can just bring in their laptop, desktop, or any sort of mobile device and can directly get connected to my network. That is a benefit that I can only allow people who I trust on the network."

"Our clients like Cisco ISE because they already use various Cisco solutions. It's easy for them to use this solution because they have an engineer with Cisco certifications."

"With NAC, the profiling feature is valuable. We're able to see what we have out there in the network and dynamically assign policies to it. We can then use that to enforce TrustSec policy or anything else with NAC."

"It integrates with the rest of our platform, like our firewall, and helps us a lot. It also does a good job establishing trust for every access request."

"For my use cases, the in-depth troubleshooting into why a client can't connect or why they failed, is very valuable. I can go back to someone and say, 'Hey, it's not my network. It's their certificates or user error,' or something else."

"The solution cuts down on the repercussions of getting malware or ransomware."

"It is a good product for what it does...So, it is one of the most critical systems that we have."

"They provide you multiple ways to achieve security, not only on-prem, but also when you have remote and guest workers. Especially post-pandemic, a lot of our customers have remote workers. So, it has been really helpful."

More Cisco Identity Services Engine (ISE) pros

"Being able to use a proxy server is an advantage."

"Safeguard can define and update processes and procedures into the security framework of a company, including mobile. It allows us to change the policies and configurations on a mass scale in regards to security."

"The solution transparently integrates into the infrastructure and users do not notice it. I would give this feature the highest rating."

"It offers high availability and enables end users to deploy the solution with 99.999 percent uptime, which is crucial in an enterprise environment with a large number of endpoints."

"It is easy to manage. There is a very logical, clear user interface. Also, the integration of scripts is thoughtfully implemented. Overall, it's a nice product to manage."

"There are numerous valuable data protection features, including the content and information that offer us more scalable protection as needed."

"There are a lot of features, so it's going to sound funny, but one of the most simplistic features, the Favorites feature, is the one we like the best. You do a full run-through of configuration to check out a server and then you can save that whole configuration as a favorite. So the next time you go in, you click on the favorite that you configured and it automatically takes you to the end so you can check the server out that much faster. It saves a lot of time..."

"I have found One Identity Safeguard to be stable."

More One Identity Safeguard pros

Cons

"An issue with the product is it tends to have a lot of bugs whenever they release a new release."

"The interface is a little bit complex."

"They should improve the documentation. There tends to be a lot of old text, or the new things aren't always up to what's been released on the code, and sometimes the documentation is inconsistent."

"I'm working from China currently and the only real issue is that, within the country, there's some concern around Cisco and its ability to offer the solution for the long term. As the United States has banned the Huawei version in their country, we feel there may be retaliation in ours and Cisco will get banned as a countermeasure from the government. The future of Cisco in China is in question. Our local partners are worried about the situation."

"Cisco could improve the GUIs on their hardware."

"Cisco ISE is very complex and not very easy to deploy."

"The solution lacks properly knowledgeable support, especially internationally, and this is why I am exploring other applications."

"I would like to see the product simplified more, especially with the configuration."

More Cisco Identity Services Engine (ISE) cons

"We've had issues managing accounts and access to some data saved on the servers. Accounts are granted a new working certificate daily. We have an account to do it on APIs online and sync it with that. If the path changes at some point or someone changes the password, I don't know if it's from the Active Directory or what."

"We currently have a problem with the Active Directory integrations on Windows. Some of our users need to be logged with Active Directory, but we are having communication issues between One Identity and Active Directory. It seems that Active Directory is not well-integrated."

"The main point regarding the user experience is that Safeguard has two separate management consoles."

"I would like to see an adjustment with more enterprise architecture. You can buy multiple appliances but you can not fully separate different functions, so scaling might be a bit more complicated."

"We have feature requests and would like to see the turnaround times on those features to be faster."

"The high availability function of the box requires a long time to switch over from one appliance to another."

"Our experience with technical support has been disappointing. We require more prompt and faster response times. We require answers to our questions right away but we haven't received that level of support."

"One Identity Safeguard can improve by having more integration with multiple devices."

More One Identity Safeguard cons

Pricing and Cost Advice

"Its price is probably good if you use all of its features and functionalities to protect your environment. If you use only a part of the functionality, its price is too high. It is just a question of value and the functionality you use."

"Cybersecurity resilience has been very important to our organization and has been a big factor. We've had issues in the past, but one of the things I like about ISE is its logging features. Security wise or information wise, it really has been a powerful tool."

"It's damn expensive and the licensing is terrible... If you have perpetual licenses on 2.7 and you upgrade to 3, you are forced to go with Essentials. That is one of the issues that I'm seeing with my clients now."

"Cisco is expensive, but it's the cost for all the functions and value it brings. Functions like internet solutions, integrations, security, and many more features are important, but it's expensive for some clients."

"Its licensing could be improved. It used to be perpetual, but now they are moving away from that."

"The price for Cisco ISE itself is very low, however, Cisco professional services are quite expensive. Subscription amount is dependent on number of users."

"That's where things got a bit more complicated. Previously, it was a one-time purchase and we just had to renew support. These days, there's a subscription model, which is supposed to be easier and cheaper as well, but it's more pricey"

"For the Avast virus scan, we pay around USD $95 per machine for five years which includes all updates and technical support."

More Cisco Identity Services Engine (ISE) pricing and cost advice

"Setup cost, pricing and licensing are all very expensive."

"They have comparable pricing. All identity products are essentially priced in a similar way. It's a per-user base."

"One Identity Safeguard is expensive and the cost goes up as we scale."

"It was definitely cheaper than the other two products that we evaluated."

"The license is very expensive for us, partly due to inflation and partly because of the exchange rate between the Dollar and the Iranian Rial. We purchased a perpetual license that we've been using up until now, but I believe that we are not going to update it in the future. Instead, we plan to find another third-party to support us with the license, in the sense that we would have access to their license as a shared agreement."

"Its subscription cost is too much, and sometimes, it is very difficult to pitch the solution to the management for cost approval. If the cost is reduced a little bit, it would be easier. If its cost was less, many other organizations that currently cannot afford it would be able to use this technology. I'm sure many organizations around the globe are having issues with identity management, and it is a very difficult task for IT to manage privileged accounts."

"It is a bit on the pricey side, but you get what you pay for. You don't want to get anything too cheap because then you get cheap stuff and cheap support. That really never helps anybody."

"We have a yearly license. The cost depends on how much a company wants to invest in technology. In our organization, we believe in modern digitization and automation processes so we found it affordable. One Identity was not that much less than other solutions and it is not a cheap solution. There were number of cheaper solutions. However, it's the most effective, according to our evaluation."

More One Identity Safeguard pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Network Access Control (NAC) solutions are best for your needs.

See recommendations

838,713 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

28%

Computer Software Company

14%

Financial Services Firm

Government

Computer Software Company

23%

Financial Services Firm

12%

Government

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is better - Aruba Clearpass or Cisco ISE?

Aruba ClearPass is a Network Access Control tool that gives secure network access to multiple device types. You can adapt the policies to VPN access, wired, or wireless access. You can securely ...

See all answers

What are the main differences between Cisco ISE and Forescout Platform?

OK, so Cisco ISE uses 802.1X to secure switchports against unauthorized access. The drawback of this is that ISE cannot secure the port if a device does not support 802.1x. Cameras, badge readers, ...

See all answers

How does Cisco ISE compare with Fortinet FortiNAC?

Cisco ISE uses AI endpoint analytics to identify new devices based on their behavior. It will also notify you if someone plugs in with a device that is not allowed and will block it. The user exper...

See all answers

What do you like most about One Identity Safeguard?

The identity discovery is good, and the performance is pretty good value.

See all answers

What is your experience regarding pricing and costs for One Identity Safeguard?

One Identity Safeguard is expensive. The license is around $3,000 per month.

See all answers

What needs improvement with One Identity Safeguard?

One Identity's support is not appropriately structured, and it has a lot of room to improve.

See all answers

Comparisons

Aruba ClearPass vs Cisco Identity Services Engine (ISE)

Compared 24% of the time

Fortinet FortiNAC vs Cisco Identity Services Engine (ISE)

Compared 21% of the time

Forescout Platform vs Cisco Identity Services Engine (ISE)

Compared 12% of the time

CyberArk Privileged Access Manager vs Cisco Identity Services Engine (ISE)

Compared 6% of the time

Fortinet FortiAuthenticator vs Cisco Identity Services Engine (ISE)

Compared 5% of the time

More Cisco Identity Services Engine (ISE) Competitors

CyberArk Privileged Access Manager vs One Identity Safeguard

Compared 37% of the time

WALLIX Bastion vs One Identity Safeguard

Compared 14% of the time

Delinea Secret Server vs One Identity Safeguard

Compared 10% of the time

SailPoint Identity Security Cloud vs One Identity Safeguard

Compared 8% of the time

More One Identity Safeguard Competitors

Product Reports

Buyer's Guide

Cisco Identity Services Engine (ISE)

February 2025

Cisco Identity Services Engine (ISE) report

Download Cisco Identity Services Engine (ISE) product report

Buyer's Guide

One Identity Safeguard

February 2025

Download One Identity Safeguard product report

Also Known As

Cisco ISE

No data available

Overview

Cisco Identity Services Engine (ISE) offers comprehensive network access control and visibility, supporting features like 802.1X authentication, profiling, and posturing. It integrates with Microsoft and other Cisco products, facilitating robust security policies across distributed networks.

Cisco Identity Services Engine is a key player in network access control, offering centralized management and a user-friendly interface. It supports zero trust principles and provides strong authentication for wired and wireless networks. ISE's capabilities include granular security policies, enhanced device posturing, and seamless integration, bolstering security infrastructure. Users benefit from its dual authentication through EAP, simplifying access management across networks.

What are the key features of Cisco ISE?

802.1X Authentication: Supports network security for authorized device access.
Profiling: Identifies devices for accurate policy enforcement.
Posturing: Evaluates device compliance for access decisions.
TACACS: Streamlines network device authentication and authorization.
Guest Access: Provides secure access to visitors.
Microsoft Compatibility: Seamlessly integrates with Microsoft environments.

What benefits and ROI should be considered?

Security Enhancement: Offers strong network security policies.
Operational Efficiency: Centralized management improves operational aspects.
Improved Compliance: Ensures adherence to industry standards.
Scalability: Supports growing network demands effectively.

In industries like finance, healthcare, and education, Cisco ISE is pivotal for securing wired and wireless networks, implementing BYOD policies, and managing user access. Organizations leverage ISE for effective authentication and authorization, while maintaining compliance with industry security standards.

Cisco

One Identity Safeguard manages and monitors privileged access, enhancing security with features like automatic session recording, real-time monitoring, and credential rotation. It integrates seamlessly, supports compliance with audit trails, and improves operational efficiency across organizations. This robust platform significantly bolsters security protocols while controlling sensitive operations.

One Identity

Sample Customers

Aegean Motorway, BC Hydro, Beachbody, Bucks County Intermediate Unit , Cisco IT, Derby City Council, Global Banking Customer, Gobierno de Castilla-La Mancha, Houston Methodist, Linz AG, London Hydro, Ministry of Foreign Affairs, Molina Healthcare, MST Systems, New South Wales Rural Fire Service, Reykjavik University, Wildau University

Cavium

Buyer's Guide

Network Access Control (NAC)

February 2025

Download Free Report

Find out what your peers are saying about Cisco, Hewlett Packard Enterprise, Fortinet and others in Network Access Control (NAC). Updated: February 2025.

DOWNLOAD NOW

838,713 professionals have used our research since 2012.

We monitor all Network Access Control (NAC) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.